Why can't an unprivileged user change file ownership?

Alexandru

From chown(2):

Only a privileged process (Linux: one with the CAP_CHOWN capability) may change the owner of a file. The owner of a file may change the group of the file to any group of which that owner is a member. A privileged process (Linux: with CAP_CHOWN) may change the group arbitrarily.

What's the reason for this restriction? Why can't an unprivileged user change the ownership of a file it owns (i.e. not /etc/shadow)?

$ touch blah
$ chown root:root blah
chown: changing ownership of `blah': Operation not permitted

Chris Nava

By allowing users to "give away" files you run afoul of various features of the OS, such as:

Taking up another user's disk quota.
Impersonating another user (or even root) via setuid.
Having insufficient privileges to undo a mistaken chown.
Making it appear that someone else had created a given file.
Setting up cron jobs to run on other users' accounts.
And many more...
